ELSA-2025-17509

ELSA-2025-17509 - open-vm-tools security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-10-07

Description

[12.3.5-2.0.1.el8.1]
- Fix spaces in vmware udev rule for scsi devices [Orabug: 24461968]
- Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. [Orabug: 22815019]
- Increase timeout for scsi devices on VMWare guests by adding a udev rule. [Orabug: 21819156]

[12.3.5-2.el8.1]
- ovt-SDMP-Service-Discovery-Plugin.patch [RHEL-117388]
- Resolves: RHEL-117388
([CISA Major Incident] CVE-2025-41244 open-vm-tools: Local privilege escalation in open-vm-tools [rhel-8.10.z])

[12.3.5-2]
- ovt-Restart-tools-on-failure.patch [RHEL-17683]
- Resolves: RHEL-17683
(Add Restart=on-failure to vmtoolsd.service [rhel-8])

Related CVEs

CVE-2025-41244

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	open-vm-tools-12.3.5-2.0.1.el8_10.1.src.rpm	59dd882dd85d29d60976eaac54518a97fa2ab2f1bbfa4dcd34154b75ac9390a0	-	ol8_aarch64_appstream
Oracle Linux 8 (x86_64)	open-vm-tools-12.3.5-2.0.1.el8_10.1.src.rpm	59dd882dd85d29d60976eaac54518a97fa2ab2f1bbfa4dcd34154b75ac9390a0	-	ol8_x86_64_appstream
	open-vm-tools-12.3.5-2.0.1.el8_10.1.x86_64.rpm	897d8d7799d5804fb76a70d84cf03922025a0ca09882fb77b27b6f7bdba5cff7	-	ol8_x86_64_appstream
	open-vm-tools-desktop-12.3.5-2.0.1.el8_10.1.x86_64.rpm	a7351625ac700e708accee5960dc8a6691111cb2f241905a63eb2bd259936183	-	ol8_x86_64_appstream
	open-vm-tools-salt-minion-12.3.5-2.0.1.el8_10.1.x86_64.rpm	8d18242d06aa9588e91b3f2a4a4cfb4756b28e34a4689bdd788baff3b309a938	-	ol8_x86_64_appstream
	open-vm-tools-sdmp-12.3.5-2.0.1.el8_10.1.x86_64.rpm	11334519da6bbefafef3be050259d3b993fde76c746a39abe7c2c4d33f2ad208	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team